Nintendo Wi-Fi Connection spoofing

From Glitch City Wiki

Nintendo Wi-Fi Connection spoofing, including GTS spoofing, is an exploit for Generation IV and Generation V Nintendo DS Pokémon games and, more generally, for the online services of other Nintendo DS games.

This exploit allows the player to connect to a custom Wi-Fi server, where they can obtain Pokémon that were generated illegitimately, trade with other players on a custom server, host Battle Videos and battle other players online.

Theory of usage

It is important to understand the separation between "common" servers (used for example in matchmaking and friend-finding, formerly run by GameSpy and today by the likes of Wiimmfi or AltWFC) and game-specific servers (such as the GTS/Battle Video hosting/Wi-Fi Battle Tower, today operated by the "Pokémon Classic Network", and the Mystery Gift ones run by AltWFC/Wiimmfi).

In the past (while the "Nintendo" Wi-Fi Connection was still operating), custom servers were primarily or exclusively alternative implementations of Flipnote Hatena or the Generation IV GTS (which does not use encryption), and often focused on giving users the ability to upload or download individual Pokémon to their computer without using a cheating or save-dumping tool. Nowadays, the custom DNS servers used to access AltWFC or Wiimmfi often also provide access to other separate but related services, such as the above-mentioned Pokémon Classic Network or RiiConnect24.

nds-constrain't Exploit

Due to the use of encryption (chiefly, SSL v3), connecting to custom servers (except for the GTS, as described above) theoretically requires modifying the games to disable encryption and identity verification, as commonly done on the DS via cheat codes or ROM patching (often amounting to replacing https addresses with http ones). This changed dramatically in November 2018, when it was discovered that all versions of the official WFC libraries (statically linked in every WFC game) will engage in encrypted communications with any server as long as the server's certificate is signed by a Nintendo certificate, even if the latter does not have permission to sign certificates. (Every Wii and newer Nintendo console includes at least one certificate as well as its matching private key, used for example to sign in to the online shop.)
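
In X.509, permission to sign certificates is expressed by the CA flag of the issuer's basicConstraints extension, and a validator has to check it in addition to the signature. The following model is an added example, not code from the WFC libraries or from this wiki; it contrasts a signature-only check with one that enforces basicConstraints. All certificates, names and key identifiers are constructed, and signature verification is stood in for by comparing key identifiers.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Cert:
    """Constructed stand-in for an X.509 certificate (no real cryptography)."""
    subject: str
    key_id: str                     # identifies this certificate's key pair
    issuer: str                     # subject of the certificate that signed it
    signed_with: str                # key_id that produced the signature
    is_ca: bool = False             # basicConstraints CA flag
    path_len: Optional[int] = None  # basicConstraints pathLenConstraint

def validate(chain, roots, enforce_basic_constraints=True):
    """Validate a leaf-first chain that must end at a certificate in roots."""
    if not chain or chain[-1] not in roots:
        return False, "chain does not end at a trusted root"
    for depth, (cert, issuer) in enumerate(zip(chain, chain[1:])):
        # Stand-in for verifying cert's signature with issuer's public key.
        if cert.issuer != issuer.subject or cert.signed_with != issuer.key_id:
            return False, f"bad signature on {cert.subject}"
        if not enforce_basic_constraints:
            continue  # lenient mode: a valid signature is all that is required
        if not issuer.is_ca:
            return False, f"{issuer.subject} is not a CA"
        # depth == number of intermediate CA certificates below this issuer
        if issuer.path_len is not None and depth > issuer.path_len:
            return False, f"path length exceeded at {issuer.subject}"
    return True, "ok"

# Constructed sample certificates.
ROOT = Cert("Constructed Root CA", "k-root", "Constructed Root CA", "k-root", is_ca=True)
DEVICE = Cert("Constructed device client cert", "k-dev", ROOT.subject, "k-root")
UNAUTHORIZED = Cert("server.example", "k-srv", DEVICE.subject, "k-dev")
ISSUING = Cert("Constructed Issuing CA", "k-int", ROOT.subject, "k-root", is_ca=True, path_len=0)
GENUINE = Cert("server.example", "k-srv2", ISSUING.subject, "k-int")

if __name__ == "__main__":
    bad, good = [UNAUTHORIZED, DEVICE, ROOT], [GENUINE, ISSUING, ROOT]
    print("lenient, device-signed:", validate(bad, {ROOT}, enforce_basic_constraints=False))
    print("strict,  device-signed:", validate(bad, {ROOT}))
    print("strict,  CA-signed:    ", validate(good, {ROOT}))
```

The signature-only mode accepts the chain whose middle certificate is an end-entity certificate, while the strict mode rejects it and still accepts the chain issued through a real CA.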

While this oversight doesn't apply to Wii software, patching it to enable the use of an alternative server is generally more convenient than on a DS, due to the ease of running unofficial software on the console.